How do I deploy an AWS ECS task definition?
Overview
In this example, we will demonstrate how to deploy an Amazon ECS task definition on AWS. The task definition is a blueprint for running containers within ECS, specifying configuration details like container images, memory and CPU requirements, port mappings, and more. We will create an ECS task definition using aws_ecs_task_definition
resource along with other necessary configurations.
Detailed Steps
- AWS Provider Configuration: Initialize the AWS provider to interact with your AWS account.
- IAM Role for ECS Tasks: Create an IAM role and policy to grant the ECS tasks necessary permissions.
- ECS Task Definition: Define the ECS task with container configuration including image, memory, CPU requirements, and port mappings.
- Output Values: Export relevant outputs for easier access and debugging.
Code
Here is the complete code to deploy an ECS task definition on AWS:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Step 2: Create IAM Role for ECS tasks
const ecsTaskExecution = new aws.iam.Role("ecs_task_execution", {
name: "ecsTaskExecutionRole",
assumeRolePolicy: JSON.stringify({
Version: "2012-10-17",
Statement: [{
Action: "sts:AssumeRole",
Effect: "Allow",
Principal: {
Service: "ecs-tasks.amazonaws.com",
},
}],
}),
});
const ecsTaskExecutionAttachment = new aws.iam.RolePolicyAttachment("ecs_task_execution_attachment", {
role: ecsTaskExecution.name,
policyArn: "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
});
// Step 3: Define the ECS Task Definition
const app = new aws.ecs.TaskDefinition("app", {
family: "my-ecs-app",
requiresCompatibilities: ["FARGATE"],
networkMode: "awsvpc",
cpu: "256",
memory: "512",
executionRoleArn: ecsTaskExecution.arn,
containerDefinitions: JSON.stringify([{
name: "my-app",
image: "nginx:latest",
cpu: 256,
memory: 512,
essential: true,
portMappings: [{
containerPort: 80,
hostPort: 80,
}],
}]),
});
export const taskDefinitionArn = app.arn;
Key Points
- AWS Provider: Connect to AWS using the provider block.
- IAM Role: Necessary for ECS tasks to access AWS services securely.
- ECS Task Definition: Details about the containers like image, memory, CPU are specified here.
- Outputs: Important resources can be exported for reference and debugging.
Summary
In this guide, we deployed an Amazon ECS task definition by configuring the AWS provider, creating an IAM role, and defining the task details. This setup is essential for running containers in an ECS cluster with the proper permissions and configurations.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.